24.0.4

Latest

Latest

github-actions released this 17 Mar 13:52

· 1 commit to main since this release

c5689b9

What's Changed

Upstream Patches

Update defaults.py to increase rsyslog max size by @cigamit in #35

Security Fixes

Updated NPM packages to resolve multiple CVEs
- path-to-regexp: GHSA-rhx6-c78j-4q9w,
- nanoid: GHSA-mwcw-c2x4-8c55,
- cross-spawn: GHSA-3xgq-45jj-v275,
- express: GHSA-pxg6-pf52-xh8x
Upgrating aiohttp>=3.10.11 fixing CVE-2024-52304 by @zorrinna in #38
Updating http-proxy-middleware to version 2.0.7 CVE-2024-21536 by @zorrinna in #50
Update jinja2 to fix CVE-2024-56326 and CVE-2024-56201 by @cigamit in #40
CVE-2023-5752:
- Updating PIP to version 23.3 for CVE-2023-5752 by @TheWitness in #43
- Update PIP to 23.3 to address Mercurial Injection CVE-2023-5752 by @TheWitness in #44
CVE-2024-6345:
- Udating for setuptools to address CVE-2024-6345 by @TheWitness in #45
- Udating for setuptools to address CVE-2024-6345 by @TheWitness in #47

Other

Add CIQ Depot credential by @brianphan in #34
Update requirements.txt for sqlparse 0.5.2 by @TheWitness in #36

New Contributors

@brianphan made their first contribution in #34
@TheWitness made their first contribution in #36
@zorrinna made their first contribution in #38

Full Changelog: 24.0.3...24.0.4

Contributors

cigamit, TheWitness, and 2 other contributors

Assets 2